Staff Member

You can set the one day value to a higher number so it's not triggered, and so only the "IP Address-based Brute Force Protection Period (in minutes)" is utilized. However, if you are seeking native support for an option to change 1-day to 3-day in the interface, then it's a good idea to open a feature request:

If you can give me the 5 figures I should insert into the 5 fields shown in my pic above, to get the end result then I will try once more and report if it does not work.
I want to simply have anyone that has 4 wrong password attempts to be banned for 3 months.

?
That doesn't sound like it will block for 3 months on 4 wrong attempts.
Pls re explain

Could the problem be that i am on a VPS running on Virtuozzo??

I have the
Maximum Failures per IP Address before the IP Address is Blocked for One Day setting set to 50.
the other 2 set to 4 attempts to block for 3mths in minutes.
It still blocks only for one day...

As it was a bit confusing for me to get a 3 month ban I thought I would show my settings here for others to see.
The thing that made the difference was the last setting, keepng the login history for same setting as the others above..
Hope it helps some others out there scratching their head like I was.

OK - I need some clarification. In previous versions of cPHulk, I was able to configure so that someone was banned for up to two weeks.

My Settings:

User Based Protection
Brute Force Protection Period: (in minutes)20 [this is the time period within which the server monitors for incorrect access attempts]Maximum Failures by Account: 3 (I only want to allow for 3 attempts before that user is blocked)

Failed Logins shows multiple accounts and has the 20610 period and counting down

Blocked Users is empty

Blocked IP Addresses is empty

One-Day Blocks has a list of IPs that "IP reached maximum auth failures for a one day block" and at most are blocked for ONE day ***

Objective: When someone fraudulently tries to log into my server, their IP is blocked for a period of time (ideally that I can configure).

In the settings above, I have it configured to monitor logins, and when 3 failures occur within a 20 minute period, it is locked down - however I cannot find a combination that allows me to block it for more than one day - and I cannot log in every day to blacklist IPs (too time consuming!)

HOW do I increase the period to block the IP from being able to attempt to log in beyond One Day (denoted by the *** above)??

In an ideal world, if the IP was blocked - it would be added to the blacklist therefore never able to attempt again. Because it is only a SINGLE DAY, attempts are being made CONSTANTLY against the server - utilizing resources and putting it at risk.

This is not the time frame of the monitored period. It's the number of minutes during which cPHulk blocks an attacker's IP address. You can increase this to block an IP address for a longer period of time.

As it was a bit confusing for me to get a 3 month ban I thought I would show my settings here for others to see.
The thing that made the difference was the last setting, keepng the login history for same setting as the others above..
Hope it helps some others out there scratching their head like I was.